Hi there,
I'm using Gauntlet 5.5 on NT and i want to a FPROT AV. How can I activate
CVP for gauntlet.
___
Say Bye to Slow Internet!
http://www.home.com/xinbox/signup.html
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe
As posted earlier, we use Web Sweeper from www.mimesweeper.com It
successfully stops our users from sending attachments from web based email
programs such as hotmail. Also it will check the content, and if dubious,
again we disallow them from send email via web based programs (not smtp,
although
I am new to this field. I am planning to build a customized firewall on
Windows platform.
I am looking for some material which will guide me how to build firewalls on
windows platform (9x or NT). If some one can help me by forwarding the
references or some sample source code then it will be very
Hi,
Is there any underlying issues with running Checkpoint Firewall-1 on a
Nokia IP330 which is also running as the only router to the internet?
I understand that performance maybe impaired as its running as a router and
a firewall at the same time, yet do you know of any security issues?
On Tue, 8 Aug 2000, Viswa_Natha wrote:
Date: Tue, 8 Aug 2000 14:35:30 +0530
From: Viswa_Natha [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Need help. Urgent
I am new to this field. I am planning to build a customized firewall on
Windows platform.
I am looking for some
Thanx. Any other references ?
--
From: Catalin Braica[SMTP:[EMAIL PROTECTED]]
Sent: Tuesday, August 08, 2000 2:45 PM
To: Viswa_Natha
Cc: [EMAIL PROTECTED]
Subject: Re: Need help. Urgent
On Tue, 8 Aug 2000, Viswa_Natha wrote:
Date: Tue, 8 Aug
Title: Comparison of firewalling software available
Hi,
I'd really appreciate any information that could be offered in the way of comparing various free firewall solutions, e.g. ipfw, ipchains, ipfilter, ipfwadm, for free *NIX based platforms.
If you have opinions and/or preferences, I'd
Andrew Thomas wrote:
Hi,
I'd really appreciate any information that could be offered in the way
of comparing various free firewall solutions, e.g. ipfw, ipchains,
ipfilter, ipfwadm, for free *NIX based platforms.
If you have opinions and/or preferences, I'd like to hear them, with
why can't he?
how excatly web based mail works?
does it use "multipart" stuff?
anyway, there are proxies that filter content...
regards,
mouss
At 12:42 07/08/00 -0400, Chris Francosky wrote:
You can't unless you restrict their access to the specific sites. hotmail
and yahoo both use http to
Ron Morita wrote:
Are my desktops safe from hackers if I'm using NAT? It seems like
perimeter scanning products won't be able to scan desktops using NAT so
those scanners would imply my desktops are safe.
Are your desktops able to connect to the Internet? Are they connected
to the same
Looking at my squid proxy logs when I attempt to attach something to a mail
using Yahoo, I see the following:
965733836.623 5759 192.168.1.16 TCP_MISS/200 3980 GET
http://us.f1.mail.yahoo.com/ym/Attachments? - TIMEOUT_DIRECT/us.f1.mail.yahoo.com
text/html
here are some extracts from a
Hey,
I'm trying to break into a misconfigured Cisco 2500 router. I have console
access, but the enable password was lost by someone prior to my arrival, so
breaking in is my only option at this point. Now, I've done this before and
have instructions for the different requirements for different
"Mail @ faithinchaos.com" wrote:
--snip--
WTF is the break sequence in HyperTerminal (Windoze terminal program)???
CTRL-BREAK doesn't seem to work. Or perhaps I am keying the sequence at the
wrong time during the hard-boot process?
have u tried CTRL-C ??
--snip--
--
Marko Vukovic'
Hi there,
When I am at work, why I cant access my PRIMUS ISP e-mails from my Microsoft
Outlook ? Do I need to enable LDAP on my office Exchange Server ? Or perhaps
because PRIMUS ISP does not have LDAP Server setup ? Do I need to open any
port on my Firewall Checkpoint that has external
Greetings!
"Mail @ faithinchaos.com" wrote:
WTF is the break sequence in HyperTerminal (Windoze terminal program)???
CTRL-BREAK doesn't seem to work. Or perhaps I am keying the sequence at the
wrong time during the hard-boot process?
Try changing flow control (either software or none,
now in my CCNA classes we had to do this..i think when you managed to halt
the processes using (help me out here ctrl+break+d???!?!) you could type in
"0X220" or something of that nature.
That will allow you to get into the router and configure it like you want
to. If anyone knows the exact
great information on free firewalls:
Http://www.linuxfirewall.com
all the info on Linux type firewalls.
From: Andrew Thomas [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Comparison of firewalling software available
Date: Tue, 8 Aug 2000 11:51:09 +0200
Hi,
I'd really appreciate any
this is not a good idea from any point of view. It is a major security issue
in and of itself. A good place to deploy checkpoint would always be BEHIND
your only router. It develops another layer of security ( a fence if you
will) to help keep those nasty ole baddies out...
From: [EMAIL
Thanks to all for your help!
Saludos de Chile
Fredy R. Santana V.
Ingeniero Civil Eléctrico
Orion 2000 - Servicios Profesionales en Seguridad Informática
La Concepcion 322 piso 12, Providencia.
Santiago, Chile
Fono: 6403944 - e-mail: [EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL
second rule: "If you can reach them, they can reach you" (well, this is the
title
of an enlightening article. My thanks to its author).
Using NAT generally means that you don't have a fixed address reachable
from outside
(I'm talking about the kind of NAT called dynamic, NPAT, PNAT, PAT, and
That will blow-away the current config as well, so you will
need to start again with the config.
-Original Message-
From: J Weismann [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 08, 2000 8:32 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: Cisco product break-in
I need some information on how to choose a firewall and the how to create
the firewall
for a system that is going to be using ftp, smtp and http tcp-ip
protocols.
Any suggestions? I hear a lot about some firewall products from different
companies but
dont know which is the best and the
Thanks Marko,
so these are POST commands using specific URLs. so as you suggested, one
can simply
block these URLs. However, this won't block new ones.
Anyway, I don't see why the guy wan't to block attachments? if it is
because of viruses and the like,
he can simply filter http traffic
I agree that it is not the optimum configuration for performance reasons, nor that a properly configured router cannot add to the security of a network (in the same way that two firewalls are more secure than one). But how, exactly, do you see this as a major security issue, with a properly
Hi All,
I would like to know if someone could explain me what are the advantages and
disadvantages of software and hardware firewall solutions.
I am particulary interesting by the disadvantages of the hardware solution.
Thank,
Nico
and great infos on other free OSes:
www.openbsd.org, www.freebsd.org, www.netbsd.org.
Thee are the BSD flavours, and offer a good level of robustness
and TCP/IP stack maturity.
[I'm not starting a fratricide war, I'm simply imitating the advocacy!]
For IP filter, check
Anyway, I don't see why the guy wan't to block attachments? if it is
because of viruses and the like, he can simply filter http traffic with
an antivirus product (and here there are many solutions,including
*sweeper).
He probably wants to block attachments because you cannot control what is
dreamwvr [EMAIL PROTECTED] wrote:
one issue that i foresee that
most likely could be a problem further down the road if not now . is that
someone will/is working on basically some sort of resource starvation
attack..
This is already an issue. In testing early versions (3.X) of NFR some
people
you need to set up the internet mail part of outlook to point to
the primus pop3 servers address. Then when you check mail
it will go out to primus and pull your pop3 mail to outlook.
You will need pop3 mail port open on the FW.
Larry Letterman
- Original Message -
From: "BY" [EMAIL
Joylan,
#I need some information on how to choose a firewall and the how to create
#the firewall for a system that is going to be using ftp, smtp and http
#tcp-ip protocols. Any suggestions? I hear a lot about some firewall
products
#from different companies but dont know which is the best and
I've had the same problem. The Windows HyperTerminal doesn't send the BREAK
command properly. I think this is a known issue with it. Try a different
terminal program is all I can suggest. I used Reflections.
Mark Street
Senior NT Engineer
01582 428841
since someone asked, the article ("if you can reach them, they can reach you")
can be found at:
http://packetstorm.securify.com/docs/infosec/firewall/tfire.txt
cheers,
mouss
-Original Message-
From: mouss [SMTP:[EMAIL PROTECTED]]
Sent: Tuesday, August 08, 2000 9:04 AM
Subject:
Are you using NT or 9x? If you are using NT (haven't tried W2K so I am not
sure there) it doesn't support the break sequence. IIRC for 9x it is
CTRL+BREAK, CTRL+C or CTRL+SHIFT+BREAK. HTH
Wes Noonan, MCP+I/MCSE/MCT/CCNA/NNCSS
Senior QA Rep
(713) 918-2412
BMC Software, Inc.
[EMAIL PROTECTED]
Thanks, everyone for the information. We basically use many of the products
that you mentioned
here such as Gauntlet and Checkpoint's Firewall-1. The issues with these
firewalls are being worked out
by us.
Thanks
Joylan Furtado
Telephone: 248-944-5434
-
[To unsubscribe, send mail to
Bourot Nicolas wrote:
I would like to know if someone could explain me what are the advantages and
disadvantages of software and hardware firewall solutions.
I am particulary interesting by the disadvantages of the hardware solution.
Does no one ever bother to go read the archives any
I have seen a nice implementation like this with yahoo and I like it. I
tried attaching an eicar.com file and right after retrieving the attachment,
the yahoo found out that it the eicar.com file I sent was infected. FYI,
eicar.com is just a test file.
rc -Original Message-
rc From:
Hi Ben,
At 09:35 08/08/00 +0930, Ben Nagy wrote:
I'm going to go out on a limb here and guess that it's only the fwtk and
directly derived ALGs that do this. You'd lose too much speed for this to be
a feature that "modern" firewalls would support. Speed is more important
than security,
At 10:14 08/08/00 -0400, Hudak, Tyler wrote:
Anyway, I don't see why the guy wan't to block attachments? if it is
because of viruses and the like, he can simply filter http traffic with
an antivirus product (and here there are many solutions,including
*sweeper).
He probably wants to block
I'm not sure whether I'd consider it a
performance issue or a security issue but the first thing that comes to mind are
DoS attacks. It's much easier to configure a router to minimize the
affects of most of these attacks because ALL the routers cycles (at least in
theory) are dedicated to
Hi,
Best solution: Go to a dumb terminal and then do
control break. Usually the keyboard mapping is a
problem. I tried all kind of permutations and
combinations with different terminal and parameters.
This is the only one that works.
Else: try your luck by going to different computer.
hope this
Have you tried, as a test, to 'telnet pop3server.domain 110'
Marko.
Larry wrote:
you need to set up the internet mail part of outlook to point to
the primus pop3 servers address. Then when you check mail
it will go out to primus and pull your pop3 mail to outlook.
You will need pop3
- Forwarded by William Stackpole/Santa Cruz/Western/Predictive on 08/08/00 09:26 AM -
William Stackpole
08/08/00 09:21 AM
To:Peter Kelly [EMAIL PROTECTED]
cc:
Subject:RE: Cisco product break-inLink
To recover from a lost enable password use the BREAK
Download a copy of NMAP and do a portscan on the firewalls.. No two firewalls
are all alike. This question is like asking ten million people "what does an
orange taste like to you" .. Everyone is different, thus everyone who
configures their firewall is different.. You say that this is for an
I believe Hyperterm uses the break key function by pressing the ALT and
PAUSE keys at the same time. This is how I "break into" a router that I need
the secret or enable reset. This is done as soon as the router starts to
boot.
Lance
- Original Message -
From: "Street, Mark (Siemens)"
I had the same problem. The M$ telnet thingy is busted. Try using SecureCRT.
There's a 30 day demo at their web site.
http://www.vandyke.com/products/crt/index.html
Scott
"Mail @ faithinchaos.com" wrote:
Hey,
I'm trying to break into a misconfigured Cisco 2500 router. I have console
The point of initial deployment of an IDS system is to have all the events
reporting back to the console, then after some time, tune the policies to
avoid the false positives from making IT admins running for the hills or
avoid the "Crying Wolf" issue.
IDS should also provide diagnostic
A firewall is meant as an ADDITION to your router. Not to supliment it in
any way. When you put your router on the outside you want it as secure as
you can(it can be compromised and it is expected to be compromised) a
casulty of war you can call it. That is where the firewall comes in. It is
Try a great terminal emulator TeraTerm, available at:
http://hp.vector.co.jp/authors/VA002416/teraterm.html
as an added bonus, it has a SSH module too, available at:
http://www.zip.com.au/~roca/ttssh.html
both work great!
-Original Message-
From: Scott Armstong [mailto:[EMAIL
Sheesh! When all else fails follow the directions:
-- http://www.cisco.com/warp/public/701/22.html#Tech%201
There's separate selections listed for 2500 and 2600; in fact, for just
about all (if not all) of the Cisco routers made.
Y
Password Recovery Procedure
1. Take a paper clip and straighted it out because
we are getting read to pick a electronic lock.
2.put a console cable in the back of the 2500/2600
3. Put one end of paper clip in the Female connector
Pin 2 (Rx pin).
4. Locate pin Six (Data Set Ready).
5. Power up
At 12:42 PM 8/8/00 -0400, J Weismann wrote:
didn't say it was the nicest way in but it's the only way i know how...what other way
is there?
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_fix/cis2500/2509/acsvrug/maint.htm#xtocid1285317
Hope this helps,
Chris
---remainder deleted
I should have been more descriptive! If you follow the
method to replace the password with the Cisco document
(I forget the name of the doc), and follow it carefully,
you should have no problem at all, but be careful not to
just replace the entire config with a new start config.
-Original
"Bourot Nicolas" [EMAIL PROTECTED] wrote:
I would like to know if someone could explain me what are the advantages and
disadvantages of software and hardware firewall solutions.
It's just a matter of packaging. "Hardware" is a bunch of silicon
and, if you look really closely, it's running
plain and simple..use both...
From: "Bourot Nicolas" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Software VS Hardware
Date: Tue, 08 Aug 2000 14:12:49 GMT
Hi All,
I would like to know if someone could explain me what are the advantages
and
disadvantages of software and hardware firewall
Using Linux with seyon makes it absolutely simple. Just click on
misc/break.
have fun ...
--
===
Peter Bruderer mailto:[EMAIL PROTECTED]
Bruderer Research GmbH Tel ++41 52 620 26 53
IT Security
You might want to research using HP VirtualVault as the trusted web server
for your WAP traffic.
http://www.hp.com/security/press/releases/2224-tantau/
Hal Rottenberg | Hewlett-Packard
Technical Support Engineer | Phone: +1-404-774-4041
Internet Security Division | Email: [EMAIL
We have a tape machine on our secure network and it makes sense to reach
out to the non-secure DMZ and yank back backups through the firewall. That
way the connection is established from the inside out.
I would like to use an encrypted client/server such as SCP or SSH to do so.
Does anyone
you HAVE TO BE KIDDDING!!?!!!?!?! does this really work??
From: Hostmaster [EMAIL PROTECTED]
To: "Mail @ faithinchaos.com" [EMAIL PROTECTED]
CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Cisco product break-in
Date: Tue, 08 Aug 2000 11:49:20 -0700
Password Recovery Procedure
1. Take a
Hi,
Is there any way to sniff a T1/E1 traffic (in production) with something
less fancy than a Protocol analyser?
My electrical signal is V.35 and I want to listen to my WAN for a period,
just for knowledge.
Cheers
Fernando A. Netto
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"Mail @ faithinchaos.com" wrote:
Hey,
I'm trying to break into a misconfigured Cisco 2500 router. I have console
access, but the enable password was lost by someone prior to my arrival, so
breaking in is my only option at this point. Now, I've done this before and
have instructions for
More to the point: You can get in, say no when it asks you if you want
to use the wizard, type enable, hit return for the password. Then you
can load the current config from flash (copy mem current-config, maybe?
I forget) and then do "enable password foo" and "enable secret foo" as
well as
we had the same problem at win2k, but it works on win95/98 and win-nt client.
Marko Vukovic' wrote:
"Mail @ faithinchaos.com" wrote:
--snip--
WTF is the break sequence in HyperTerminal (Windoze terminal program)???
CTRL-BREAK doesn't seem to work. Or perhaps I am keying the sequence
Visual Networks CSU/DSUs will do this, as well as provide a ton of other
useful features. It's not a cheap product though.
-Original Message-
From: Fernando Listas [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 08, 2000 3:52 PM
To: [EMAIL PROTECTED]
Subject: Taping the WAN
Hi,
Is
Ooo. Now this sounds like a good idea.
Thanks fgor the links.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Michael Miller
Sent: Tuesday, August 08, 2000 2:17 PM
To: 'Scott Armstong'; Mail @ faithinchaos.com
Cc: [EMAIL PROTECTED]
Subject: RE: Cisco
I cant wait to try! I'll let you know.
* I miss getting free phone calls with paper-clips... :) Oh the 80's!!!
-Original Message-
From: J Weismann [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 08, 2000 4:29 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject:
At 02:11 PM 8/8/00 -0400, Marcus J. Ranum wrote:
Basically, the differences all boil down to manageability,
installation, and sometimes performance.
Hardware perspective essentially is basically no muss no fuss, plug it in
and turn it on. Plug in the required information according to
The previous poster was looking for the keyboard mappings to issue the
BREAK command during the Cisco 25xx boot up. Some terminal emulation
programs you may have to map some keys together in order to send a
recognizable CTRL BREAK to the Cisco 25xx router.
A terminal emulation program like
Yes
Guaranteed, or your money back!
Hostmaster
J Weismann wrote:
you HAVE TO BE KIDDDING!!?!!!?!?! does this really work??
From: Hostmaster [EMAIL PROTECTED]
To: "Mail @ faithinchaos.com" [EMAIL PROTECTED]
CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Cisco product break-in
This is what you call is the three finger reconfigure.Yes, this method
works on not only Cisco Routers, but also on Livingston, USR, 3com and Some
finer PDA's. :)
From: Hostmaster [EMAIL PROTECTED]
To: "Mail @ faithinchaos.com" [EMAIL PROTECTED]
CC: [EMAIL PROTECTED], [EMAIL
Title: RE: Cisco product break-in
-Original Message-
From: Mail @ faithinchaos.com [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, 9 August 2000 9:12 AM
To: [EMAIL PROTECTED]
Subject: RE: Cisco product break-in
I've done this before. I have the Cisco Troubleshooting book
that
OK, I'm in.
Thank you everyone for your views, recommendations and blurbs. Even if some
on it didn't hit the topic I was looking for, I found all of it to be good
information to know. In this business, you just can't pass anything up. I
just continually hope I retain enough to be able to
-- Forwarded by Patricia Kateihwaho/Bushnet on
08/09/2000 08:10 AM ---
Patricia Kateihwaho
08/08/2000 04:51 PM
To: "J Weismann" [EMAIL PROTECTED]
cc:
Subject: Re: Cisco product break-in (Document link: Patricia Kateihwaho)
Note the setting of
Well, now might be the right time to upgrade the IOS if you want/need any
features that are available in the latest IOS releases (i.e. ssh). I have a
Cisco 2514 (4MB RAM and 12MB flash) at home and I've upgraded it to 12.0(9).
Which version and feature set you can upgrade to depends upon how
Remember the procedure for each router varies. Reference this doc in the
future for 2500 only (4000 maybe, but don't quote me):
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_fix/cis2500/2505/
2500him/77413.htm
You won't get an 'rommon' prompt (3640 and ?). On a 2500 you'll just
74 matches
Mail list logo